<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title>Docs For Class DefaultHTTPUtilities</title>
  <link rel="stylesheet" href="../media/stylesheet.css" />
  <script src="../media/lib/classTree.js"></script>
<link id="webfx-tab-style-sheet" type="text/css" rel="stylesheet" href="../media/lib/tab.webfx.css" />
<script type="text/javascript" src="../media/lib/tabpane.js"></script>
  <script language="javascript" type="text/javascript" src="../media/lib/ua.js"></script>
<script language="javascript" type="text/javascript">
	var imgPlus = new Image();
	var imgMinus = new Image();
	imgPlus.src = "../media/images/plus.gif";
	imgMinus.src = "../media/images/minus.gif";
	
	function showNode(Node){
        switch(navigator.family){
        	case 'nn4':
        		// Nav 4.x code fork...
				var oTable = document.layers["span" + Node];
				var oImg = document.layers["img" + Node];
        		break;
        	case 'ie4':
        		// IE 4/5 code fork...
				var oTable = document.all["span" + Node];
				var oImg = document.all["img" + Node];
        		break;
        	case 'gecko':
        		// Standards Compliant code fork...
				var oTable = document.getElementById("span" + Node);
				var oImg = document.getElementById("img" + Node);
        		break;
        }
		oImg.src = imgMinus.src;
		oTable.style.display = "block";
	}
	
	function hideNode(Node){
        switch(navigator.family){
        	case 'nn4':
        		// Nav 4.x code fork...
				var oTable = document.layers["span" + Node];
				var oImg = document.layers["img" + Node];
        		break;
        	case 'ie4':
        		// IE 4/5 code fork...
				var oTable = document.all["span" + Node];
				var oImg = document.all["img" + Node];
        		break;
        	case 'gecko':
        		// Standards Compliant code fork...
				var oTable = document.getElementById("span" + Node);
				var oImg = document.getElementById("img" + Node);
        		break;
        }
		oImg.src = imgPlus.src;
		oTable.style.display = "none";
	}
	
	function nodeIsVisible(Node){
        switch(navigator.family){
        	case 'nn4':
        		// Nav 4.x code fork...
				var oTable = document.layers["span" + Node];
        		break;
        	case 'ie4':
        		// IE 4/5 code fork...
				var oTable = document.all["span" + Node];
        		break;
        	case 'gecko':
        		// Standards Compliant code fork...
				var oTable = document.getElementById("span" + Node);
        		break;
        }
		return (oTable && oTable.style.display == "block");
	}
	
	function toggleNodeVisibility(Node){
		if (nodeIsVisible(Node)){
			hideNode(Node);
		}else{
			showNode(Node);
		}
	}
</script>
<!-- template designed by Julien Damon based on PHPEdit's generated templates, and tweaked by Greg Beaver -->
<body bgcolor="#ffffff" ><!-- Start of Class Data -->
<h2>
	Class DefaultHTTPUtilities
</h2> (line <span class="linenumber">43</span>)
<div class="tab-pane" id="tabPane1">
<script type="text/javascript">
tp1 = new WebFXTabPane( document.getElementById( "tabPane1" ));
</script>

<div class="tab-page" id="Description">
<h2 class="tab">Description</h2>
<pre>
</pre>
<p>
	<b><i>Located in File: <a href="_reference---DefaultHTTPUtilities.php.html">/reference/DefaultHTTPUtilities.php</a></i></b><br>
</p>
<!-- ========== Info from phpDoc block ========= -->
<h5>Reference implementation of the HTTPUtilities interface.</h5>
<div class="desc"><p>PHP version 5.2</p></div>
<ul>
		<li><strong>author:</strong> - jah &lt;<a href="mailto:jah@jahboite.co.uk">jah@jahboite.co.uk</a>&gt;</li>
		<li><strong>version:</strong> - Release: @package_version@</li>
		<li><strong>copyright:</strong> - 2009-2010 The OWASP Foundation</li>
		<li><strong>link:</strong> - <a href="http://www.owasp.org/index.php/ESAPI">http://www.owasp.org/index.php/ESAPI</a></li>
		<li><strong>license:</strong> - <a href="http://www.opensource.org/licenses/bsd-license.php">New BSD license</a></li>
	</ul>
<br /><hr />
</div>
<script type="text/javascript">tp1.addTabPage( document.getElementById( "Description" ) );</script>
<div class="tab-page" id="tabPage1">

<h2 class="tab">Class Variables</h2>
<!-- ============ VARIABLE DETAIL =========== -->
<strong>Summary:</strong><br />
<hr />
<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage1" ) );</script>
</div>
<div class="tab-page" id="constantsTabpage">

<h2 class="tab">Class Constants</h2>
<!-- ============ VARIABLE DETAIL =========== -->
<strong>Summary:</strong><br />
<hr />
<script type="text/javascript">tp1.addTabPage( document.getElementById( "constantsTabpage" ) );</script>
</div>
<div class="tab-page" id="tabPage2">
<h2 class="tab">Method Detail</h2>
<!-- ============ METHOD DETAIL =========== -->
<strong>Summary:</strong><br />
<div class="method-summary">
    <div class="method-definition">
            <span class="method-result">null</span>
        <a href="#method__construct" title="details" class="method-name">__construct</a>
        ()
        </div>
    <div class="method-definition">
            <span class="method-result">string</span>
        <a href="#methodaddCSRFToken" title="details" class="method-name">addCSRFToken</a>
        (<span class="var-type">string</span>&nbsp;<span class="var-name">$href</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">null</span>
        <a href="#methodassertSecureRequest" title="details" class="method-name">assertSecureRequest</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">bool</span>
        <a href="#methodchangeSessionIdentifier" title="details" class="method-name">changeSessionIdentifier</a>
        ()
        </div>
    <div class="method-definition">
            <span class="method-result">string|null</span>
        <a href="#methodgetCookie" title="details" class="method-name">getCookie</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>, <span class="var-type">string</span>&nbsp;<span class="var-name">$name</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">string|null</span>
        <a href="#methodgetCSRFToken" title="details" class="method-name">getCSRFToken</a>
        ()
        </div>
    <div class="method-definition">
            <span class="method-result"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>
        <a href="#methodgetCurrentRequest" title="details" class="method-name">getCurrentRequest</a>
        ()
        </div>
    <div class="method-definition">
            <span class="method-result">bool</span>
        <a href="#methodisSecureChannel" title="details" class="method-name">isSecureChannel</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">null.</span>
        <a href="#methodkillAllCookies" title="details" class="method-name">killAllCookies</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">null.</span>
        <a href="#methodkillCookie" title="details" class="method-name">killCookie</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>, <span class="var-type">string</span>&nbsp;<span class="var-name">$name</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">null</span>
        <a href="#methodlogHTTPRequest" title="details" class="method-name">logHTTPRequest</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>, <span class="var-type"><a href="../ESAPI/Auditor.html">Auditor</a></span>&nbsp;<span class="var-name">$auditor</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">null</span>
        <a href="#methodlogHTTPRequestObfuscate" title="details" class="method-name">logHTTPRequestObfuscate</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>, <span class="var-type"><a href="../ESAPI/Auditor.html">Auditor</a></span>&nbsp;<span class="var-name">$auditor</span>, <span class="var-type">array|null</span>&nbsp;<span class="var-name">$paramsToObfuscate</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">null</span>
        <a href="#methodsetCSRFToken" title="details" class="method-name">setCSRFToken</a>
        ()
        </div>
    <div class="method-definition">
            <span class="method-result">null.</span>
        <a href="#methodsetCurrentHTTP" title="details" class="method-name">setCurrentHTTP</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>)
        </div>
    <div class="method-definition">
            <span class="method-result">null</span>
        <a href="#methodverifyCSRFToken" title="details" class="method-name">verifyCSRFToken</a>
        (<span class="var-type"><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></span>&nbsp;<span class="var-name">$request</span>)
        </div>
</div>
<hr />
<A NAME='method_detail'></A>


<a name="method__construct" id="method__construct"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/Constructor.gif" border="0" /> <strong class="method">Constructor __construct</strong> (line <span class="linenumber">55</span>)
 </h4> 
<h4><i>null</i> <strong>__construct(
)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>The constructor stores an instance of Auditor for the purpose of logging.</h5>
		
	<h4>Info</h4>
	<ul>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodaddCSRFToken" id="methodaddCSRFToken"><!-- --></a>
<div style="background='#ffffff'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method addCSRFToken</strong> (line <span class="linenumber">71</span>)
 </h4> 
<h4><i>string</i> <strong>addCSRFToken(
string
$href)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Adds the CSRF token from the current session to the supplied URL for the  purposes of preventing CSRF attacks. This method should be used on all URLs  to be put into all links and forms the application generates.</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong>string $href</strong>: the URL to which the CSRF token will be appended.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>return</strong> - URL with the CSRF token parameter appended to it.</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodassertSecureRequest" id="methodassertSecureRequest"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method assertSecureRequest</strong> (line <span class="linenumber">213</span>)
 </h4> 
<h4><i>null</i> <strong>assertSecureRequest(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Ensures that the supplied request was received with Transport Layer  Security and uses the HTTP POST to protect any sensitive parameters in  the request from being sniffed or logged. For example, this method should  be called from any method that uses sensitive data from a web form.</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: The request object to test.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>throws</strong> - AccessControlException if security constraints are not met.</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodchangeSessionIdentifier" id="methodchangeSessionIdentifier"><!-- --></a>
<div style="background='#ffffff'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method changeSessionIdentifier</strong> (line <span class="linenumber">249</span>)
 </h4> 
<h4><i>bool</i> <strong>changeSessionIdentifier(
)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Invalidate the old session after copying all of its contents to a newly</h5>
<div class="desc"><p>created session with a new session id. Note that this is different from  logging out and creating a new session identifier that does not contain  the existing session contents. Care should be taken to use this only when  the existing session does not contain hazardous contents.</p></div>
		
	<h4>Info</h4>
	<ul>
			<li><strong>return</strong> - true if the change of Session Identifier was successful,               false otherwise</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodgetCookie" id="methodgetCookie"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method getCookie</strong> (line <span class="linenumber">190</span>)
 </h4> 
<h4><i>string|null</i> <strong>getCookie(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request, string
$name)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Get the first cookie with the matching name.</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: Request object.</li>
			<li><strong>string $name</strong>: The name of the cookie to retreive.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>return</strong> - value of the requested cookie or                      null if the specified cookie is not present.</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodgetCSRFToken" id="methodgetCSRFToken"><!-- --></a>
<div style="background='#ffffff'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method getCSRFToken</strong> (line <span class="linenumber">105</span>)
 </h4> 
<h4><i>string|null</i> <strong>getCSRFToken(
)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Returns the CSRF token from the current session. If there is no current  session then null is returned. If the CSRF Token is not present in the  session it will be created.</h5>
		
	<h4>Info</h4>
	<ul>
			<li><strong>return</strong> - CSRF token for the current session or                      null.</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodgetCurrentRequest" id="methodgetCurrentRequest"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method getCurrentRequest</strong> (line <span class="linenumber">402</span>)
 </h4> 
<h4><i><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a></i> <strong>getCurrentRequest(
)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Retrieves the current SafeRequest.</h5>
		
	<h4>Info</h4>
	<ul>
			<li><strong>return</strong> - the current request.</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodisSecureChannel" id="methodisSecureChannel"><!-- --></a>
<div style="background='#ffffff'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method isSecureChannel</strong> (line <span class="linenumber">272</span>)
 </h4> 
<h4><i>bool</i> <strong>isSecureChannel(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Returns true if the supplied request object was received over a secured  channel i.e. Transport Layer Security (e.g. SSL or TLS).</h5>
<div class="desc"><p>This method tests for the $_SERVER global with key 'HTTPS' which should  be a non-empty value if TLS was used.  Since this key is not part of the  CGI 1.1 specification there is no guarantee that it is provided by all  web servers and in cases where it is not present, isSecureChannel will  fail and throw an EnterpiseSecurityException.</p></div>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: The request object to test.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>return</strong> - TRUE if the request was made over Transport Layer Security               FALSE otherwise.</li>
			<li><strong>throws</strong> - EnterpiseSecurityException</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodkillAllCookies" id="methodkillAllCookies"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method killAllCookies</strong> (line <span class="linenumber">306</span>)
 </h4> 
<h4><i>null.</i> <strong>killAllCookies(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Kill all cookies received in the last request from the browser. Note that  new cookies set by the application in this response may not be killed by  this method.</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: Request object.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodkillCookie" id="methodkillCookie"><!-- --></a>
<div style="background='#ffffff'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method killCookie</strong> (line <span class="linenumber">331</span>)
 </h4> 
<h4><i>null.</i> <strong>killCookie(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request, string
$name)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Kills the specified cookie by setting a new cookie that expires  immediately. Note that this method does not delete new cookies that are  being set by the application for this response.</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: Request object.</li>
			<li><strong>string $name</strong>: Name of the cookie to be killed.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodlogHTTPRequest" id="methodlogHTTPRequest"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method logHTTPRequest</strong> (line <span class="linenumber">418</span>)
 </h4> 
<h4><i>null</i> <strong>logHTTPRequest(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request, <a href="../ESAPI/Auditor.html">Auditor</a>
$auditor)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Format the Source IP address, URL, URL parameters, and all form parameters  into a string suitable for the log file. Be careful not to log sensitive  information, and consider masking with the logHTTPRequestObfuscate method.</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: Current Request object.</li>
			<li><strong><a href="../ESAPI/Auditor.html">Auditor</a> $auditor</strong>: the auditor to write the request to.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodlogHTTPRequestObfuscate" id="methodlogHTTPRequestObfuscate"><!-- --></a>
<div style="background='#ffffff'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method logHTTPRequestObfuscate</strong> (line <span class="linenumber">440</span>)
 </h4> 
<h4><i>null</i> <strong>logHTTPRequestObfuscate(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request, <a href="../ESAPI/Auditor.html">Auditor</a>
$auditor, array|null
$paramsToObfuscate)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Format the Source IP address, URL, URL parameters, and all form parameters</h5>
<div class="desc"><p>into a string suitable for the log file. The list of parameters to obfuscate  should be specified in order to prevent sensitive information from being  logged. If a null or empty list of parameters is provided, then all  parameters will be logged in the clear. If HTTP request logging is done in a  central place $paramsToObfuscate could be made a configuration parameter. We  include it here in case different parts of the application need to obfuscate  different parameters.</p></div>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: Current Request object.</li>
			<li><strong><a href="../ESAPI/Auditor.html">Auditor</a> $auditor</strong>: The auditor to write the request to.</li>
			<li><strong>array|null $paramsToObfuscate</strong>: The sensitive parameters.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodsetCSRFToken" id="methodsetCSRFToken"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method setCSRFToken</strong> (line <span class="linenumber">157</span>)
 </h4> 
<h4><i>null</i> <strong>setCSRFToken(
)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Sets the CSRF Token for the current session.  If the session has not been  started at the time this method is called then the token will not be  generated.</h5>
		
	<h4>Info</h4>
	<ul>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodsetCurrentHTTP" id="methodsetCurrentHTTP"><!-- --></a>
<div style="background='#ffffff'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method setCurrentHTTP</strong> (line <span class="linenumber">386</span>)
 </h4> 
<h4><i>null.</i> <strong>setCurrentHTTP(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Stores the supplied SafeRequest object so that it may be readily accessed  throughout ESAPI (and elsewhere).</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: Current Request object.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<a name="methodverifyCSRFToken" id="methodverifyCSRFToken"><!-- --></a>
<div style="background='#eeeeee'"><h4>
<img src="../media/images/PublicMethod.gif" border="0" /> <strong class="method">Method verifyCSRFToken</strong> (line <span class="linenumber">132</span>)
 </h4> 
<h4><i>null</i> <strong>verifyCSRFToken(
<a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a>
$request)</strong></h4>

	<!-- ========== Info from phpDoc block ========= -->
<h5>Searches the GET and POST parameters in a request for the CSRF token stored  in the current session and throws an IntrusionException if it is missing.</h5>
		<h4>Parameters</h4>
	<ul>
			<li><strong><a href="../ESAPI_Filters/SafeRequest.html">SafeRequest</a> $request</strong>: A request object.</li>
		</ul>
		
	<h4>Info</h4>
	<ul>
			<li><strong>throws</strong> - IntrusionException if the CSRF token is missing or incorrect.</li>
			<li><strong>access</strong> - public</li>
		</ul>
</div>
<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage2" ) );</script></div>
<div class="tab-page" id="iVars">
<h2 class="tab">Inherited Variables</h2>
<script type="text/javascript">tp1.addTabPage( document.getElementById( "iVars" ) );</script>
<!-- =========== VAR INHERITED SUMMARY =========== -->
<A NAME='var_inherited_summary'><!-- --></A>
<h3>Inherited Class Variable Summary</h3>

	</div>
<div class="tab-page" id="iMethods">
<h2 class="tab">Inherited Methods</h2>
<script type="text/javascript">tp1.addTabPage( document.getElementById( "iMethods" ) );</script>
<!-- =========== INHERITED METHOD SUMMARY =========== -->
<A NAME='functions_inherited'><!-- --></A>
<h3>Inherited Method Summary</h3>

	</div>
</div>
<script type="text/javascript">
//<![CDATA[

setupAllTabs();

//]]>
</script>
	<div id="credit">
		<hr />
		Documentation generated on Fri, 21 May 2010 14:53:33 -0400 by <a href="http://www.phpdoc.org" target="_blank">phpDocumentor 1.4.3</a>
	</div>
</body>
</html>